snort v2.9.9.0 - a network intrusion detection and prevention system.

snort v2.9.9.0 – a network intrusion detection and prevention system.

CHANGELOG SNORT V2990 2017-02-24:
+ Talos has added and modified multiple rules in the browser-ie, file-flash, file-other, indicator-obfuscation, indicator-shellcode and server-webapp rule sets to provide coverage for emerging threats from these technologies.
+ This is alist of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2990:
* 1:41725 <-> ENABLED <-> SERVER-OTHER Cisco IOS Smart Install protocol version command attempt (server-other.rules)
* 1:41724 <-> ENABLED <-> SERVER-OTHER Cisco IOS Smart Install protocol download image command attempt (server-other.rules)
* 1:41723 <-> ENABLED <-> SERVER-OTHER Cisco IOS Smart Install protocol download config command attempt (server-other.rules)
* 1:41722 <-> ENABLED <-> SERVER-OTHER Cisco IOS Smart Install protocol backup config command attempt (server-other.rules)
* 1:41721 <-> DISABLED <-> SERVER-WEBAPP Mikrotik Syslog Server DoS attempt (server-webapp.rules)
* 1:41720 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed iframe buffer overflow attempt (browser-ie.rules)
* 1:41719 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed iframe buffer overflow attempt (browser-ie.rules)
* 1:41718 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed iframe buffer overflow attempt (browser-ie.rules)
* 1:41717 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed object type buffer overflow attempt (browser-ie.rules)
* 1:41716 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer malformed iframe buffer overflow attempt (browser-ie.rules)
* 1:41715 <-> DISABLED <-> BROWSER-IE Microsoft Health and Support Center iframe injection attempt (browser-ie.rules)
* 1:41714 <-> DISABLED <-> INDICATOR-OBFUSCATION rfc822 HTTP transfer encoding attempt attempt (indicator-obfuscation.rules)

Snort version 2990.

Snort is a libpcap-based sniffer/logger which can be used as a network intrusion detection and prevention system. It uses a rule-based detection language as well as various other detection mechanisms and is highly extensible.

Install from source:

Download windows: Snort_2_9_9_0_Installer.exe
Source: https://snort.org/ | Our Post Before